cancel
Showing results for 
Search instead for 
Did you mean: 

Error calling BLS from oracle database

darshansheth
Explorer
0 Kudos

Hi Experts,

We have a scenario in which we are calling BLS from oracle database using trigger. The call is made using the following URL:

http://<Host name>:50000/XMII/Runner?Transaction=<TRX_Path>&Material=MATNR&Pallet_id=PALLET&Plant=PLANT&Proc_order=PROC&Prodline=PROD&Quantity=QTY&Start_Date=DAT&Start_Time=TIM&Status=STAT&UOM=UOM1&User_name=USER&OutputParameter=*

This used to work fine in 11.5 but when we upgraded to 14.0 it is not working. We have maintained server details in \etc\host file.

We were getting error in file 'Error 1 Text.txt'. "A possible Cross-Frame Scripting attack has been prevented. Please contact your system administrator or refer to" this was the last error message. We checked this on SCN and based on the search results we have implemented SAP note 1651004 wherein setting in netweaver is required to be changed. After note was implemented we are getting another error text ('Error 2 Text.txt') "This will happen if the browser running the page tha". We tried a few ways but could not capture the full message coming.

Has anybody of faced similar problem? I would highly appreciate any hint which could help in solving this problem.

System Information:

NW 7.31 SP 10

Oracle 11.2.0.4

MII 14.0 SP5 patch 7

Regards,

Darshan

Accepted Solutions (1)

Accepted Solutions (1)

darshansheth
Explorer
0 Kudos

Hi All,

Found the solution:

1) If we use SET DEFINE before running the Select statement, the URL call is successful

2) In Stored procedure there is no need to call SET DEFINE. Stored procedure will work properly without it. It will send the URL as it to the destination system. no need to worry about the oracle/sql escape characters in the URL

Answers (3)

Answers (3)

0 Kudos

I do not see the "IllumLoginName" and "IllumLoginPassword" parameters in your Runner servlet call example.  Please verify they are included, the only way you would get the Login.jsp page back in your HTTP response body is if your authentication failed; so you get redirected.


Sam

darshansheth
Explorer
0 Kudos

Hi Sam,

"IllumLoginName" and "IllumLoginPassword" are included in the call. When i execute the URL in the browser BLS gets executed successfully. I could see the processing of the called transaction in the transaction manager.


when i call the URL from DB it gives the error. I have verified that the values passed for "IllumLoginName" and "IllumLoginPassword" are valid and not locked.

Regards,

Darshan Sheth

former_member185280
Active Contributor
0 Kudos

Darshan,


Is your server configured to use single sign on?


Regards,

Christian


darshansheth
Explorer
0 Kudos

Christian,

We are not using SSO

Regards,

Darshan

0 Kudos

Can you setup something like Fiddler (http://www.telerik.com/fiddler) on the server and post the results of this tool when the DB makes the call to MII?

Thanks,

Sam

darshansheth
Explorer
0 Kudos

Sam,

forgot to mention earlier that DB and MII instance reside on the same server.  will this change anything

Regards,

Darshan

0 Kudos

Nope, it shouldn't affect anything...just need to see the network trace in order to further understand what's going on.

Sam

darshansheth
Explorer
0 Kudos

Hi Sam,

Got someone who can install software on the server. In meanwhile, wanted to check if  we need any additional configuration on fiddler to capture the trace?

Regards,

Darshan Sheth

darshansheth
Explorer
0 Kudos

Hi Sam,

Installed fiddler on the server and then ran the transaction. Nothing was captured in the tool.

Does it need any other configuration to capture the trace.

Regards,

Darshan Sheth

Former Member
0 Kudos

Hello darshan,

You are actually getting MII login page in response to the URL you are calling. Please pass valid user name and password to authenticate yourself and run the transaction.

Regards,

Anushree

darshansheth
Explorer
0 Kudos

Hi Christian/Anushree,

I have now modified the URL by adding Illum login name and password:

http://<Host name>:50000/XMII/Runner?Transaction=<TRX_Path>&Material=MATNR&Pallet_id=PALLET&Plant=PLANT&Proc_order=PROC&…

When i run the url in browser it gives me the expected results but when i try to trigger it from Oracle i am still getting the error as below:

"<script>

  var inPortalScript = false

  var webpath = "/logon_ui_resources/"

</script>

<html>

<head>

<BASE target="_self">

<link rel=stylesheet href="https://answers.sap.com/logon_ui_resources/css/ur/ur_ie5.css">

<title>User Management, SAP AG</title>

<script language="javascript">

var originWindowName=window.name;

window.name="logonAppPage";

function restoreWindow() {

try{

window.name=originWindowName;

} catch(ex){}

}

</script>

<script language="JavaScript">

function putFocus(formInst, elementInst) {

  if (document.forms.length > 0) {

    document.forms[formInst].elements[elementInst].focus();

  }

}

function setValuesAutoCreation() {

var form = document.getElementById('logonForm');

form.j_username.value="";

form.j_password.value="";

form.automaticAccountCreation.value="true";

}

function submitForm() {

var form = document.getElementById('logonForm');

form.submit();

}

function clearEntries() {

  document.logonForm.longUid.value="";

  document.logonForm.password.value="";

}

function setFocusToFirstField() {

myform = document.logonForm;

try{

   for (i=0; i<myform.length; i++) {

    elem = myform.elements[i];

    if (!elem.disabled) {

      elemType = elem.type;

      if (elemType=="text" || elemType=="password") {

       if (!elem.readOnly) {

          elem.focus();

          break;

       }

      }

      if (elemType=="select-one" || elemType=="select-multiple" || elemType=="checkbox" || elemType=="radio") {

        elem.focus();

        break;

      }

    }

   }

} catch(ex){

}

}

function addTenantPrefix() {

  return true;

}

</script>

</head>

<body class="urBdyStd" bgcolor="#F7F9FB" onLoad="setFocusToFirstField()" onUnload="restoreWindow()">

Thanks,

Darshan

<script language="JavaScript">

var blockPage = false;

</script>

<script language="JavaScript">

try {

  if (top.document.domain != self.document.domain) {

  blockPage = true;

  }

} catch (error) {

  // This will happen if the browser running the page tha"

former_member185280
Active Contributor
0 Kudos

Try using j_username and j_password. I don't think IllumLoginName & IllumLoginPassword are valid in version 14.

darshansheth
Explorer
0 Kudos

Hi Christian,

Tried j_username and j_password but it gives the same error.

I think that IllumLoginName & IllumLoginPassword work in v 14 as i am able to execute the link successfully when i run it in browser.

Regards,

Darshan

Former Member
0 Kudos

Hi darshan,

IllumLoginName and IllumLoginPassword does work in MII 14.0. It is surprising that you are still getting redirected to login page.

Is there any error logged in Netweaver?

Regards,
Anushree

darshansheth
Explorer
0 Kudos

Hi Anushree,

I checked the log viewer and there are no logs. Any other location where i could see error logs?


Regards,

Darshan

Former Member
0 Kudos

Hi Darshan,

Please take a look at the below link:

Security Audit Log of the AS Java - System Security - SAP Library

Regards,

Anushree

darshansheth
Explorer
0 Kudos

Hi Anushree,

Thanks for the link. Based on the link security audit log is present at the location:

\usr \sap \ <SID> \ <instance_number> \j2ee \cluster \server <n> \log \system \security_audit.log

when i checked in my server at the following path:

D:\usr\sap\<SID>\J00\j2ee\cluster\server0\log\system

I could see that there is file security_audit_00.0.log. This file is not updated with any information since 05/21/2014. Could it be that the logging for security audit file would have been switched off.

Regards,

Darshan

Former Member
0 Kudos

Hi Darshan,

It could be that logging is switched off. Check log level of log controllers.

Here is how to do it:

Configuring Log Controllers - Monitoring - SAP Library

Events are stated in the link I provided earlier

Regards,

Anushree

darshansheth
Explorer
0 Kudos

Hi Anushree,

Logging for security audit is switched on now. I executed the call after the logging was switched on and there are no entries in the security_audit_00.0.log file.

I passed incorrect password in IllumLoginPassword field but still no entries in the log file.

To check if logging is actually switched on i provided incorrect credentials while logging in from Menu.jsp and was able to see the entries related to the failed attempt in security_audit_00.0.log file.

Regards,

Darshan

darshansheth
Explorer
0 Kudos

Hi Anushree,

Logging for security audit is switched on now. I executed the call after the logging was switched on and there are no entries in the security_audit_00.0.log file.

I passed incorrect password in IllumLoginPassword field but still no entries in the log file.

To check if logging is actually switched on i provided incorrect credentials while logging in from Menu.jsp and was able to see the entries related to the failed attempt in security_audit_00.0.log file.

Regards,

Darshan

former_member185280
Active Contributor
0 Kudos

How are you passing the credentials?